feat: add compliance reporting for SOC2, GDPR, and HIPAA (Loop 24)

Implement automated compliance report generation with structured JSON output:

- Add compliance.rs module with report generation for three report types:
  - SOC2: audit trail, security findings, access patterns, unique actors
  - GDPR: data processing records by provider/model, PII findings, lifecycle events
  - HIPAA: access logs by operation, unauthorized access findings, failed attempts

- API endpoints:
  - POST /api/v1/reports/generate: async report generation (returns 202 with ID)
  - GET /api/v1/reports/:id: retrieve completed report with full content

- Reports query real audit events, security findings, traces, and spans
  for configurable time periods with tenant isolation

- In-memory report store (ReportStore) with pending/completed/failed status

- 12 tests covering all report types, validation, tenant isolation,
  empty data handling, and audit event aggregation

Author: Jenkins

crates/llmtrace-proxy/src/api.rs

@@ -661,6 +661,7 @@ mod tests {
             cost_estimator,
             alert_engine: None,
             cost_tracker: None,
+            report_store: crate::compliance::new_report_store(),
         })
     }
 
@@ -708,6 +709,7 @@ mod tests {
             cost_estimator,
             alert_engine: None,
             cost_tracker,
+            report_store: crate::compliance::new_report_store(),
         })
     }
 

crates/llmtrace-proxy/src/auth.rs

@@ -612,6 +612,7 @@ mod tests {
             cost_estimator,
             alert_engine: None,
             cost_tracker: None,
+            report_store: crate::compliance::new_report_store(),
         })
     }