We currently have one CRS326-24S+2Q+RM and one CCR1036-8G-2S+ using ROS 6.48.2. There is a sfp+ cable between those; the CRS is configured for pure switching using the "/interface bridge vlan" options which works great. The CCR is doing routing etc. and it has some vlan-interfaces on top of the sfp+ port.

We bought a second CRS with the purpose of redundancy and want to link the two CRS together with QSFP+ cable(s). I don't see any problems there. For the CCR we want to use the 2nd SFP+ port to the 2nd CRS. AFAIK bonding is only for when using multiple cables between the same device and not for this setup.
The question is if I should add vlan interfaces on the 2nd sfp+ port as well and create a bridge for each vlan and add both vlan interfaces to that bridge - or - should I bridge the physical ports together and add vlan interfaces on that bridge. I have no clue if that works, but I did notice ROS does allow me to do /interface vlan add interface=testbridge name=vlan1 vlan-id=1

So or
Which one is supported/better and/or faster?

On CCR it will be done by CPU either way so performance wise both ways are pretty much the same. But you should proceed and configure CCR the same way as CRS - single bridge with VLANs. This way configuration will be similar on both your devices (only that CRS actually HW offloads everything).

I'll go a bit deeper into the reasons than @mkx:

As you intend to set up an L2 ring configuration (the CCR will be connected to two CRS and those will be connected to each other), you need to use some STP flavor to prevent L2 looping. And in order that xSTP behaved correctly, you must use the "single bridge common for all VLANs" approach, with the /interface vlan items attached to the internal port of the bridge.

The configuration above will work if vlan-filtering=no on the bridge, as in that case, the bridge doesn't tag frames on ingress and untag them on egress, it just forwards them unchanged.

If you want to use MSTP, you have to set vlan-filtering=yes, and in such case, you cannot attach an /interface vlan with a VID matching the pvid of the bridge port to which that /interface vlan is attached (which is 1 by default). The pvid of the other ports of the bridge is also 1 by default.

I'll go a bit deeper into the reasons than @mkx:

As you intend to set up an L2 ring configuration (the CCR will be connected to two CRS and those will be connected to each other), you need to use some STP flavor to prevent L2 looping. And in order that xSTP behaved correctly, you must use the "single bridge common for all VLANs" approach, with the /interface vlan items attached to the internal port of the bridge.

The configuration above will work if vlan-filtering=no on the bridge, as in that case, the bridge doesn't tag frames on ingress and untag them on egress, it just forwards them unchanged.

If you want to use MSTP, you have to set vlan-filtering=yes, and in such case, you cannot attach an /interface vlan with a VID matching the pvid of the bridge port to which that /interface vlan is attached (which is 1 by default). The pvid of the other ports of the bridge is also 1 by default.

Thanks for the explanation. With with the /interface vlan items attached to the internal port of the bridge do you mean this? And the semi-connected bridge will send the data out over sfp-sfpplus2 even while sfp-sfpplus1 is disconnected? Interesting, I'll try something with a few RB2011's I have lying around.