Use $SOURCE_DATE_EPOCH instead of random bytes
    
    Using random bytes makes the builds obviously irreproducible. Use instead
    $SOURCE_DATE_EPOCH as the source of the identifier, so that rebuilds of the same
    sources are the same. $SOURCE_DATE_EPOCH is augmented with
    %{name}-%{version}-%{release} and hashed with sha1sum to get a number that is 40
    hexadecimal bytes (same as the one generated from the random bytes before). Any
    hash function would do, we only need something that has good hashing properties,
    there is no security component here since the input is public.
    
    Tested on podman-5.0.0~rc3-3.fc41.x86_64.rpm. Together with
    https://github.com/rpm-software-management/rpm/pull/2930 and
    https://src.fedoraproject.org/rpms/podman/pull-request/131, the build becomes
    reproducible.