Different environment for entry point and custom command

I am using a custom drone plugin to make changes to repository, commit and push them to github during CI run. Below is the Dockerfile for the plugin:

FROM maven:3.5.2-jdk-8
ADD prepare-release.sh /bin/
RUN chmod +x /bin/prepare-release.sh
WORKDIR /drone/src
CMD [ "/bin/bash","/bin/prepare-release.sh" ]

and the prepare-release.sh script:

if [ -z $GIT_PUSH_SSH_KEY ]; then
    echo GIT_PUSH_SSH_KEY is not set
    exit 1

echo creating ssh key

# try to create if not exists
mkdir ~/.ssh/

echo "$GIT_PUSH_SSH_KEY" > ~/.ssh/id_rsa

chmod 400  ~/.ssh/id_rsa
ssh-add ~/.ssh/id_rsa

ssh-keyscan -t rsa github.com >> ~/.ssh/known_hosts

ssh -T git@github.com

echo configuring git

git config --global user.name "Drone CI"
git config --global user.email "drone@example.com"

# do some work in repository

git add .
git commit -m "Prepare for ${DRONE_BRANCH}"
git push origin $DRONE_BRANCH

The issue is that following script would fail with

fatal: could not read Username for 'https://github.com': No such device or address

However, when the script is run manually from the ‘commands’ section of the pipeline, everything would work as expected. Looking at the environment with env, reveals several additional variables which are being set in case when entrypoint is used:


There are several others, but these ones look like they can affect authentication. And indeed, unsetting them from a script above fixes the issue.

Is it a bug that these variables are not set, when commands section is present? Since they affect things such as git, it seems rather strange. Thanks for any feedback on that.