Quite surprised to find no mention of SatisPress in this discussion.
It's a little rough around the edges but on the whole, a very functional solution to this tricky problem.
It runs on top of WordPress, allowing you to install premium / 3rd party plugins and setup their licenses / update mechanisms etc
The only issues we've found with using it so far is that the admin gets slow very quickly with that many plugins active, as many of the plugins rely on being active to check for updates etc so we've started splitting our plugins across multiple satispress instances (ie 1 repo for gravity forms and all add-ons, one for woo and all our premium extensions, one for general plugins like ACF).
We even use the github updater plugin to pull a bunch of our homemade plugins from git/bitbucket repos into a satispress instance, that way we don't need a heap of different VCS repositories in our composer.json
We've set cron to run updates automatically, but some plugins hook in weird places that depend on having the actual wp-admin loaded, so we still try to log in and manually update the sites as needed or at least once a week
Hope this helps, it's been the best solution my company has found so far