From 3e27bdcc45a83d5eddae8d52c3a77509b7344b82 Mon Sep 17 00:00:00 2001
From: Benjamin Gilbert <benjamin.gilbert@coreos.com>
Date: Thu, 6 Apr 2017 12:23:51 -0700
Subject: [PATCH] common: Don't export COREOS_BUILD_ID

5a76e4e5e9027443ef2014d8e1d06e9baa9e50aa started exporting COREOS_BUILD_ID
whenever it was found in version.txt, even if its value was blank. Because
COREOS_BUILD_ID is in ENVIRONMENT_WHITELIST, this caused generated build IDs
to be propagated into the SDK chroot environment and reused for every build
in a "cork enter" session. Stop exporting COREOS_BUILD_ID when we set it
ourselves.

See also 8e754f9c2bd4b4ec6561613ff57c095886877960.
---
 common.sh | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/common.sh b/common.sh
index 98a42bc70e..7aeddc3598 100644
--- a/common.sh
+++ b/common.sh
@@ -296,6 +296,10 @@ if [[ -f "${REPO_MANIFESTS_DIR}/version.txt" ]]; then
   else
     load_environment_var "${REPO_MANIFESTS_DIR}/version.txt" \
     COREOS_VERSION_ID COREOS_BUILD_ID COREOS_SDK_VERSION
+    # Don't promote COREOS_BUILD_ID into an environment variable when it
+    # didn't start as one, since we don't want it leaking into the SDK
+    # chroot environment via ENVIRONMENT_WHITELIST.
+    declare +x COREOS_BUILD_ID
   fi
   : ${COREOS_BUILD_ID:=$(date +%Y-%m-%d-%H%M)}
 elif [[ -f "${SCRIPT_LOCATION}/version.txt" ]]; then