feat: add support bundle and raw audit export

iso/builder/smoketest.sh

@@ -96,7 +96,7 @@ done
 
 echo ""
 echo "-- systemd services --"
-for svc in bee-nvidia bee-network bee-audit bee-web; do
+for svc in bee-nvidia bee-network bee-preflight bee-audit bee-web; do
     if systemctl is-active --quiet "$svc" 2>/dev/null; then
         ok "service active: $svc"
     else
@@ -104,6 +104,20 @@ for svc in bee-nvidia bee-network bee-audit bee-web; do
     fi
 done
 
+echo ""
+echo "-- runtime health --"
+if [ -f /appdata/bee/export/runtime-health.json ] && [ -s /appdata/bee/export/runtime-health.json ]; then
+    ok "runtime: runtime-health.json present and non-empty"
+else
+    fail "runtime: runtime-health.json missing or empty"
+fi
+
+if [ -f /appdata/bee/export/runtime-health.log ]; then
+    info "last runtime log line: $(tail -1 /appdata/bee/export/runtime-health.log)"
+else
+    warn "runtime: no log found at /appdata/bee/export/runtime-health.log"
+fi
+
 for svc in ssh bee-sshsetup; do
     if systemctl is-active --quiet "$svc" 2>/dev/null \
         || systemctl show "$svc" --property=ActiveState 2>/dev/null | grep -q "inactive\|exited"; then
@@ -126,37 +140,37 @@ fi
 
 echo ""
 echo "-- audit last run --"
-if [ -f /var/log/bee-audit.json ] && [ -s /var/log/bee-audit.json ]; then
+if [ -f /appdata/bee/export/bee-audit.json ] && [ -s /appdata/bee/export/bee-audit.json ]; then
     ok "audit: bee-audit.json present and non-empty"
-    info "size: $(du -sh /var/log/bee-audit.json | cut -f1)"
+    info "size: $(du -sh /appdata/bee/export/bee-audit.json | cut -f1)"
 else
     fail "audit: bee-audit.json missing or empty"
 fi
 
-if [ -f /var/log/bee-audit.log ]; then
-    last_line=$(tail -1 /var/log/bee-audit.log)
+if [ -f /appdata/bee/export/bee-audit.log ]; then
+    last_line=$(tail -1 /appdata/bee/export/bee-audit.log)
     info "last log line: $last_line"
-    if grep -q "audit output written" /var/log/bee-audit.log 2>/dev/null; then
+    if grep -q "audit output written" /appdata/bee/export/bee-audit.log 2>/dev/null; then
         ok "audit: completed successfully"
     else
         warn "audit: 'audit output written' not found in log — may have failed"
     fi
-    if grep -q "nvidia: enrichment skipped\|nvidia.*skipped\|enrichment skipped" /var/log/bee-audit.log 2>/dev/null; then
-        reason=$(grep -E "nvidia.*skipped|enrichment skipped" /var/log/bee-audit.log | tail -1)
+    if grep -q "nvidia: enrichment skipped\|nvidia.*skipped\|enrichment skipped" /appdata/bee/export/bee-audit.log 2>/dev/null; then
+        reason=$(grep -E "nvidia.*skipped|enrichment skipped" /appdata/bee/export/bee-audit.log | tail -1)
         fail "audit: nvidia enrichment skipped — $reason"
     else
         ok "audit: nvidia enrichment OK (no skip message)"
     fi
 else
-    warn "audit: no log found at /var/log/bee-audit.log"
+    warn "audit: no log found at /appdata/bee/export/bee-audit.log"
 fi
 
 echo ""
 echo "-- bee web --"
-if [ -f /var/log/bee-web.log ]; then
-    info "last web log line: $(tail -1 /var/log/bee-web.log)"
+if [ -f /appdata/bee/export/bee-web.log ]; then
+    info "last web log line: $(tail -1 /appdata/bee/export/bee-web.log)"
 else
-    warn "web: no log found at /var/log/bee-web.log"
+    warn "web: no log found at /appdata/bee/export/bee-web.log"
 fi
 
 if bash -c 'exec 3<>/dev/tcp/127.0.0.1/80 && printf "GET /healthz HTTP/1.0\r\nHost: localhost\r\n\r\n" >&3 && grep -q "^ok$" <&3'; then