diff --git a/.gitea/workflows/itam_production_deploy.yml b/.gitea/workflows/itam_production_deploy.yml
index 168d05b..aa1fb15 100644
--- a/.gitea/workflows/itam_production_deploy.yml
+++ b/.gitea/workflows/itam_production_deploy.yml
@@ -36,13 +36,26 @@ jobs:
           ISSUER: ${{ vars.PROD_ISSUER }}
         run: |
           set -euo pipefail
-          required_keys="PROD_HOST PROD_USER PROD_DEPLOY_PATH PROD_GIT_URL DB_HOST DB_PORT DB_USER DB_PASS DB_NAME CLIENT_ID ISSUER"
-          for key in ${required_keys}; do
-            if [ -z "${!key:-}" ]; then
-              echo "::error::Missing required variable or secret: ${key}"
+          check_required() {
+            local env_name="$1"
+            local source_name="$2"
+            if [ -z "${!env_name:-}" ]; then
+              echo "::error::Missing required variable or secret: ${source_name}"
               exit 1
             fi
-          done
+          }
+
+          check_required PROD_HOST PROD_HOST
+          check_required PROD_USER PROD_USER
+          check_required PROD_DEPLOY_PATH PROD_DEPLOY_PATH
+          check_required PROD_GIT_URL PROD_GIT_URL
+          check_required DB_HOST PROD_DB_HOST
+          check_required DB_PORT PROD_DB_PORT
+          check_required DB_USER PROD_DB_USER
+          check_required DB_PASS PROD_DB_PASS
+          check_required DB_NAME PROD_DB_NAME
+          check_required CLIENT_ID PROD_CLIENT_ID
+          check_required ISSUER PROD_ISSUER
 
       - name: Create production env file
         env: