Phase 10: gRPC admin API with interceptor chain

Proto definitions for 4 services (RegistryService, PolicyService,
AuditService, AdminService) with hand-written Go stubs using JSON
codec until protobuf tooling is available.

Interceptor chain: logging (method, peer IP, duration, never logs
auth metadata) → auth (bearer token via MCIAS, Health bypasses) →
admin (role check for GC, policy, delete, audit RPCs).

All RPCs share business logic with REST handlers via internal/db
and internal/gc packages. TLS 1.3 minimum on gRPC listener.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>

proto/mcr/v1/audit.proto

@@ -0,0 +1,35 @@
+syntax = "proto3";
+
+package mcr.v1;
+
+option go_package = "git.wntrmute.dev/kyle/mcr/gen/mcr/v1;mcrv1";
+
+import "mcr/v1/common.proto";
+
+service AuditService {
+  rpc ListAuditEvents(ListAuditEventsRequest) returns (ListAuditEventsResponse);
+}
+
+message AuditEvent {
+  int64 id = 1;
+  string event_time = 2;
+  string event_type = 3;
+  string actor_id = 4;
+  string repository = 5;
+  string digest = 6;
+  string ip_address = 7;
+  map<string, string> details = 8;
+}
+
+message ListAuditEventsRequest {
+  PaginationRequest pagination = 1;
+  string event_type = 2;
+  string actor_id = 3;
+  string repository = 4;
+  string since = 5;
+  string until = 6;
+}
+
+message ListAuditEventsResponse {
+  repeated AuditEvent events = 1;
+}