diff --git a/.github/workflows/build-metrics-container.yml b/.github/workflows/build-metrics-container.yml
new file mode 100644
index 00000000000000..4f6fb14b21cb6c
--- /dev/null
+++ b/.github/workflows/build-metrics-container.yml
@@ -0,0 +1,78 @@
+name: Build Metrics Container
+
+permissions:
+  contents: read
+
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - .github/workflows/build-metrics-container.yml
+      - '.ci/metrics/**'
+  pull_request:
+    branches:
+      - main
+    paths:
+      - .github/workflows/build-metrics-container.yml
+      - '.ci/metrics/**'
+
+jobs:
+  build-metrics-container:
+    if: github.repository_owner == 'llvm'
+    runs-on: ubuntu-latest
+    outputs:
+      container-name: ${{ steps.vars.outputs.container-name }}
+      container-name-tag: ${{ steps.vars.outputs.container-name-tag }}
+      container-filename: ${{ steps.vars.outputs.container-filename }}
+    steps:
+      - name: Checkout LLVM
+        uses: actions/checkout@v4
+        with:
+          sparse-checkout: .ci/metrics/
+      - name: Write Variables
+        id: vars
+        run: |
+          tag=`date +%s`
+          container_name="ghcr.io/$GITHUB_REPOSITORY_OWNER/metrics"
+          echo "container-name=$container-name" >> $GITHUB_OUTPUT
+          echo "container-name-tag=$container_name:$tag" >> $GITHUB_OUTPUT
+          echo "container-filename=$(echo $container_name:$tag  | sed -e 's/\//-/g' -e 's/:/-/g').tar" >> $GITHUB_OUTPUT
+      - name: Build Container
+        working-directory: ./.ci/metrics
+        run: |
+          podman build -t ${{ steps.vars.outputs.container-name-tag }} -f Dockerfile .
+      # Save the container so we have it in case the push fails.  This also
+      # allows us to separate the push step into a different job so we can
+      # maintain minimal permissions while building the container.
+      - name: Save Container Image
+        run: |
+          podman save  ${{ steps.vars.outputs.container-name-tag }} >  ${{ steps.vars.outputs.container-filename }}
+      - name: Upload Container Image
+        uses: actions/upload-artifact@v4
+        with:
+          name: container
+          path: ${{ steps.vars.outputs.container-filename }}
+          retention-days: 14
+  
+  push-metrics-container:
+    if: github.event_name == 'push'
+    needs:
+      - build-metrics-container
+    permissions:
+      packages: write
+    runs-on: ubuntu-24.04
+    env:
+      GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+    steps:
+      - name: Download Container
+        uses: actions/download-artifact@v4
+        with:
+          name: container
+      - name: Push Container
+        run: |
+          podman load -i ${{ needs.build-metrics-container.outptus.container-filename }}
+          podman tag ${{ needs.build-metrics-container.outputs.container-name-tag }} ${{ needs.build-metrics-container.outputs.container-name }}:latest
+          podman login -u ${{ github.actor }} -p $GITHUB_TOKEN ghcr.io
+          podman push ${{ needs.build-metrics-container.outputs.container-name-tag }}
+          podman push ${{ needs.build-metrics-container.outputs.container-name }}:latest