1) I don't want to pay for hosted CI
2) Setting up your own CI is a pain in the butt currently
Well done. I'm gonna have a look through this!
Drone combined with some of the features upcoming on docker.io will be an incredibly compelling usecase for Continuous Integration going forward.
One of the things I like is that it's dead simple to get running on Heroku. Language support is a little weak (Python, Ruby, node.js), but we're working on that.
Another nice feature that's currently lacking which it looks like Drone does well is the ability to provision external services (e.g. DB servers) for tests.
That being said, we are definitely making a long term bet on Docker and containers, and are confident security will improve over time.
1) in Docker, to support backends other than lxc, including vm-mapping and openvz which have a better security track record.
2) In Linux, to further harden linux namespaces upstream so that they can safely be used to execute untrusted code as root 
3) in ops best practices, to combine linux namespaces with additional security measures (selinux, apparmor, clustering to deploy mutually untrusted containers on different docker hosts, etc).
 a big focus of the namespacing effort us user namespaces which makes a container "think" it runs as root when in fact it doesn't. User namespaces work great but haven't been around long enough to be vetted. Beyond that, namespaces are pretty robust and feature-complete already. What's left is to go through the process of auditing, testing and generally allowing it to stand the test of time and scrutiny. Eventually ops and security engineers will warm up to it and it will graduate to "production-ready", the way Zones, Jails and OpenVZ did before it. It's only a matter of time.
The Bitbucket patch should land next week
you need Docker installed and the .drone.yml file in the root. it's a great way to test locally without having to push to the CI server. As an added bonus, you could even setup a pre-commit hook
What I see as a benefit is how all the features of this CI system work for you out of the box. Definitely worth a look.
Does it provide the fine-grained workflows Jenkins does?
- chain jobs - needed for larger projects; ideally this should even allow composing jobs to have nice, modular jobs which can be launched standalone or chained
- some kind of powerful templating system - needed for reducing configuration duplication; ideally this would keep track of all the "children" in case of updates
- you also probably need enterprisey features later on, like SSO using AD/LDAP, fine grained ACLs based on groups, etc
But job chaining and job templating should be higher priorities for the workflows since they affect the overall architecture. Jenkins has been struggling for a while to re-architect to allow this, not entirely successfully.
You also want a plugin system if you don't have one, especially one with dependencies (i.e. the Git plugin can server as a dependency for the Github plugin).
My 2 € cents :)