I am looking to manage all the patches on my SQL Server instances, and we don't have WSUS. Also, I need a way to make sure our local dev environment is at the same windows and SQL server patch level as the prod environment hosted in the data center (separate networks).
I would love it if there was a way to log all the updates installed per SQL instance in a database of some kind so I can get reports. I am not opposed to a roll your own solution, however I don't want to roll my own using powershell, then BASH gets to be the preferred method of Windows or Python or something and then I have to roll this solution again.
I have been hearing that windows server will be supporting bash script, I assume when this happens, most people will start using this. Also, using powershell to administer things has been great, however, I am not sure how I would manage the code of a powershell solution like this.
In a perfect world, I would love the ability to have a tool go get the updates and install them in DEV. We can then test and once we feel everything is good, we can just have a script that will execute the exact same update installation in PROD. Using windows updates has not worked for us in the past because at times we have to skip a certain update or by the time can roll to PROD there are newer updates that have not been tested. Also with windows update, I don't know how to to run a query where I can show all the updates that have been installed. I know I can get this list via control panel, but I need to be ale to give the results to our Information Security team.
Has anybody dealt with this? If so..what did you do to solve the problem?